Ask Your Question

Configuring SROS Keyserver to Generate Encrypted Private Key

asked 2019-02-21 02:03:58 -0600

citrusying gravatar image

Even though there doesn't seem to be any interest in further developing SROS1, I am still exploring it as it is a very interesting implementation. I am trying to figure how to amend the keyserver configuration file, but the SROS tutorial page for this does not exist.

I would like to modify the keyserver configuration file such that the generated private keys are encrypted. I have made the following amendments to the default configuration file:

  • Line 93 --> encryption_algorithm: BestAvailableEncryption
  • Line 94, 111, 129, 144 --> password_env: left_blank as per default

When sroskeyserver is initialised, I am prompted to key in pass phrase for root, master and keyserver before the certs are generated. The pass phrases are the comments in Line 94, 111 and 144 of keyserver_config.yaml. But I encounter a problem when prompted to enter the PEM pass phrase. Going by logic, the pass phrase should be the comment in Line 129, i.e. SROS_NODE_PASSWORD. However, this does not work and will result in error as follows:

Starting an XML-RPC server to bootstrap SSL key distribution...
Enter pass phrase for root: 
Verifying - Enter pass phrase for root: 
Certificate generated: root
Enter pass phrase for master: 
Verifying - Enter pass phrase for master: 
Certificate generated: master
Enter pass phrase for keyserver: 
Verifying - Enter pass phrase for keyserver: 
Enter PEM pass phrase:
Traceback (most recent call last):
  File "/home/sros/sros/install/bin/sroskeyserver", line 3, in <module>
  File "/home/sros/sros/install/lib/python2.7/dist-packages/sros/", line 179, in sroskeyserver_main
    keyserver.start_keyserver(keyserver_config, keystore_path, keyserver_mode, port)
  File "/home/sros/sros/install/lib/python2.7/dist-packages/rosgraph/", line 143, in start_keyserver
UnboundLocalError: local variable 'keyserver' referenced before assignment

Is there a default password written into the SROS system files? Or where can the password be set? Has anyone succeeded in modifying SROS keyserver configuration?


edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted

answered 2019-09-20 12:34:24 -0600

ruffsl gravatar image

This is really old, and SROS1 is no longer in active development, given the new focus on SROS2. But in the interest of ros answers and talk like a pirate day, password_env refers to the name of the environment variable to read the password from, rather than reading the string directly from the config file, so that one doesn't need to expose the password in clear text in the config file. See the example conf file for more comments:

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools



Asked: 2019-02-21 02:03:58 -0600

Seen: 68 times

Last updated: Sep 20 '19